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IN THE CLAIMS 

Please amend the claims as follows: 



1. (Amended) A method performed by a client comprising: 
storing a secret in a secure storage: 

receiving a password challenge from a server; and 

responsive to the password challenge calling a secure password prompt routine which accesses 
the secret in the secure storage, generates an authentication graphic based on the secret and 
displaysiftg a prompt asking a user for a password, the prompt including m the authentication 
graphic which is visible to the user; wherein the secure password prompt routine displays the 
authentication graphic for all password challenges, there being no requirement of an 
association between the server and the authentication graphic. 

2. (Cancelled) 

3. (Cancelled) 



4. ( Amended) The method of claim 1. further comprising making the authentication graphic 
known to the user so that w hefem the user can identify the authentication graphic on the prompt 
prior to the user inputting a password in response to the prompt, v e rify the authenticity of th o 
prompt by comparing th e authentication graphic to a known graphic . 

5. (Amended) The method of claim 4, wherein making the authentication graphic known 
comprises th e known graphic i s physically attach ing the authentication graphic to the client. 

6. The method of claim 1, further comprising: receiving the password from the user; 
generating a digest using the received password and password challenge; and 
sending the digest to the server. 
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7. The method of claim 3, wherein the secret becomes stored in the secure storage when first 
entered by the user. 

8. The method of claim 3, wherein the secret becomes stored in the secure storage when 
generated based upon information entered by the user. 

9. (Amended) A client device comprising: 
a secure storage to store a secret; 

a communications device to receive a password challenge from a server; and 
a prompt authentication routine to in response to the password challenge access the secret in 
the secure storage, generate an authentication graphic based on the secret, and display a prompt 
asking a user for a password, the prompt including the authentication graphic which is visible 
to the user: wherein the secure password prompt routine displays the authentication graphic for 
all password challenges, there being no requirement of an association between the server and 
the authentication graphic. 

a di s play d e vic e to display a prompt asking a us e r for a password, th e prompt including an 
auth e ntication graphic visible to the user. 

10. (Cancelled) 

11. (Cancelled) 

12. (Cancelled) 

13. The client device of claim 9 12. wherein the known authentication g raphic is physically 
attached to the included on a body of the client device . 



14. (Cancelled) 
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15. (Amended) A machine-readable medium having stored thereon 
data representing instructions that, when executed by a 
processor of a client, cause the processor to perform operations 
comprising: 

receiving a password challenge from a server; 

res ponsive to the password challenge calling a secure password prompt routine which accesses 
the secret in the secure storage, generates an authentication graphic based on the secret, and 
displays**** a prompt asking a user for a password, the prompt including aft the authentication 
graphic which is visible to the user; wherein the secure password prompt routine displays the 
authentication graphic for all password challenges, there being no requirement of an 
association between the server and the authentication graphic . 
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16. (Cancelled) 

17. (Cancelled) 

18. ( Amended) The method of claim 15, further comprising making the authentication graphic 
known to the user so that w herein the user can identify the authentication graphic on the prompt 
prior to the user inputting a password in response to the prompt, v e rify the auth e nticity of the 
prompt by comparing the authentication graphic to a known graphic . 

19. The method of claim 15, wherein making the authentication graphic known comprises the 
known graphic i s physically attache ding the authentication graphic to the client. 

20. The method of claim 15, further compri sing: 

receiving the password from the user; generating a digest using the received password and 
password challenge; and sending the digest to the server. 
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21 . (New) The method of claim 1, wherein making the authentication graphic known comprises 
including the authentication graphic in a user manual for the client. 



22. (New) The method of claim 1, wherein the authentication is unique to the client. 



